nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
diaspora/app/assets/javascripts/widgets
History
Jonne Haß ecb1b80e24 Render flash message content with .text 
.html does not escape any html input in these, leading to XSS
attack vectors.

Thanks to A Kai (@sixhundredns) for reporting the related issues.
2014-05-24 16:08:32 +02:00
..
back-to-top.js use back-to-top initializer, fixes #2840 2012-05-02 00:03:07 +02:00
direction-detector.js Move Javascript to the asset pipeline 2012-03-27 18:07:44 -07:00
flash-messages.js Render flash message content with .text 2014-05-24 16:08:32 +02:00
header.js Move Javascript to the asset pipeline 2012-03-27 18:07:44 -07:00
infinite-scroll.js Fix wrong message on infinite scroll on contact page 2013-01-31 23:09:51 -03:00
lightbox.js Change image to ajax-loader when closing lightbox 2013-08-02 14:46:15 +02:00
notifications-badge.js Remove auto 'mark as read' for notifications 2014-04-15 14:51:38 +02:00
notifications.js Improve set read/unread in notifications dropdown 2014-04-16 23:33:22 +02:00
search.js Fixed global search field, will search when a dropdown item is clicked 2013-08-10 19:59:05 +02:00
stream.js Move Javascript to the asset pipeline 2012-03-27 18:07:44 -07:00
timeago.js Switched to using rails-timeago to make keeping on top of new versions of plugin easier 2014-01-20 09:33:35 +08:00